December 2, 2023

The Asia Pacific Network Information Centre (APNIC), the internet registry for the region, has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, facing the public internet for three months during maintenance activity on Registration Data Access Protocol set to replace Whois

During that maintenance effort, a dump from APNIC’s Whois SQL database was copied to a Google Cloud storage bucket and APNIC only learned it was accessible to the public when an independent security researcher tipped it off to the problem

The file in the exposed bucket “contained hashed authentication details for APNIC whois maintainer and IRT objects, and also included some private whois objects that are not visible on APNIC’s regular public whois service”. Hashed passwords are been use to protect thr APNIC’s Database and only authorised can access the records and do a change

The data contained in the private objects varies, as there were comments added by resource holders in the ‘descr’ and ‘remarks’ attributes. The review of this data has found that it predominantly consists of corporate contact details.

APNIC has reset passwords, advised all stakeholders whose data was at risk, apologised and taken steps to prevent in future. The organisation also pointed out that users with a MyAPNIC account have nothing to worry about, and don’t need to change their passwords, as the exposed data only concerned maintainers and a small group of other users.

Tags:

Leave a Reply

You may have missed

CISA KEV Update Part I – December 2023

December 1, 2023

Dollar Tree Affected by a Third Party Breach

December 1, 2023

Apple Patches iOS zerodays – CVE-2023-42916 and CVE-2023-42917

December 1, 2023

TheCyberThrone Security Week In Review – November 25, 2023

November 30, 2023

BlueVoyant Acquires Conquest Cyber

November 30, 2023

Google Fixes Sixth Chrome ZeroDay of 2023

November 29, 2023
%d bloggers like this: